<?php

	function authenticate($username, $password)
	{
		
		$flag = false;
		$passmd5 = $password;
		echo "select IDEmployee,UserName from employee where UserName='$username' and Password = '$passmd5' and State = 1";
		$query = mysql_query("select IDEmployee,UserName,FullName from employee where UserName='$username' and Password = '$passmd5' and State = 1");
		
		while ($row=mysql_fetch_array($query)){
			$_SESSION['user'] =  $row['UserName'];
			$_SESSION['IDEmployee'] =  $row['IDEmployee'];
			$_SESSION['fullname'] =  $row['FullName'];
			$flag=true;
			echo "da vao day 3".$_SERVER['REMOTE_ADDR'];
			header( 'Location: http://'.$_SERVER['REMOTE_ADDR'].'/ERP/ERP-PC/menu.php' );
			
		}		
		if($flag==false){
			echo "da vao day 4";
			$errorMessage = "Not a valid user.";
			header( 'Location: ../login.php' );
		}
	}
?>